add dtls core-tests, fix enable_ssl_encrypt with DTLS

matyhtf · matyhtf · commit 842733be4475 · 2021-03-03T21:11:33.000+08:00
diff --git a/core-tests/src/server/server.cpp b/core-tests/src/server/server.cpp
@@ -204,6 +204,68 @@ TEST(server, ssl) {
 
     delete lock;
 }
+
+TEST(server, dtls) {
+    Server serv(Server::MODE_BASE);
+    serv.worker_num = 1;
+
+    SwooleG.running = 1;
+
+    sw_logger()->set_level(SW_LOG_WARNING);
+
+    Mutex *lock = new Mutex(Mutex::PROCESS_SHARED);
+    lock->lock();
+
+    ListenPort *port = serv.add_port((enum swSocket_type )(SW_SOCK_UDP | SW_SOCK_SSL), TEST_HOST, 0);
+    if (!port) {
+        swWarn("listen failed, [error=%d]", swoole_get_last_error());
+        exit(2);
+    }
+
+    port->ssl_set_cert_file(test::get_root_path() + "/tests/include/ssl_certs/server.crt");
+    port->ssl_set_key_file(test::get_root_path() + "/tests/include/ssl_certs/server.key");
+    port->ssl_init();
+
+    ASSERT_EQ(serv.create(), SW_OK);
+
+    serv.onStart = [&lock](Server *serv) {
+        thread t1([=]() {
+            swSignal_none();
+
+            lock->lock();
+
+            ListenPort *port = serv->get_primary_port();
+
+            EXPECT_EQ(port->ssl, 1);
+
+            swoole::network::SyncClient c(SW_SOCK_UDP);
+            c.connect(TEST_HOST, port->port);
+            c.enable_ssl_encrypt();
+            c.send(packet, strlen(packet));
+            char buf[1024];
+            c.recv(buf, sizeof(buf));
+            c.close();
+
+            kill(serv->gs->master_pid, SIGTERM);
+        });
+        t1.detach();
+    };
+
+    serv.onWorkerStart = [&lock](Server *serv, int worker_id) { lock->unlock(); };
+
+    serv.onReceive = [](Server *serv, RecvData *req) -> int {
+        EXPECT_EQ(string(req->data, req->info.len), string(packet));
+
+        string resp = string("Server: ") + string(packet);
+        serv->send(req->info.fd, resp.c_str(), resp.length());
+
+        return SW_OK;
+    };
+
+    ASSERT_EQ(serv.start(), 0);
+
+    delete lock;
+}
 #endif
 
 TEST(server, task_worker) {
diff --git a/include/swoole_client.h b/include/swoole_client.h
@@ -191,7 +191,7 @@ class SyncClient {
         if (connected || !created) {
             return false;
         }
-        if (client.connect(&client, host, port, timeout, 0) < 0) {
+        if (client.connect(&client, host, port, timeout, client.socket->is_dgram()) < 0) {
             return false;
         }
         connected = true;
diff --git a/src/network/client.cc b/src/network/client.cc
@@ -267,6 +267,20 @@ int Client::enable_ssl_encrypt() {
     }
     ssl_context.reset(new swoole::SSLContext());
     open_ssl = true;
+#ifdef SW_SUPPORT_DTLS
+    if (socket->is_dgram()) {
+        ssl_context->protocols = SW_SSL_DTLS;
+        socket->dtls = 1;
+        socket->chunk_size = SW_SSL_BUFFER_SIZE;
+        send = Client_tcp_send_sync;
+        recv = Client_tcp_recv_no_buffer;
+    }
+#else
+    {
+        swWarn("DTLS support require openssl-1.1 or later");
+        return SW_ERR;
+    }
+#endif
     return SW_OK;
 }
 
@@ -961,8 +975,7 @@ static int Client_onStreamRead(Reactor *reactor, Event *event) {
             } else {
                 if (cli->socket->ssl_state == SW_SSL_STATE_READY) {
                     execute_onConnect(cli);
-                }
-                else if (cli->socket->ssl_state == SW_SSL_STATE_WAIT_STREAM && cli->socket->ssl_want_write) {
+                } else if (cli->socket->ssl_state == SW_SSL_STATE_WAIT_STREAM && cli->socket->ssl_want_write) {
                     swoole_event_set(event->socket, SW_EVENT_WRITE);
                 }
             }
@@ -984,7 +997,8 @@ static int Client_onStreamRead(Reactor *reactor, Event *event) {
 #ifdef SW_USE_OPENSSL
         if (cli->open_ssl) {
             if (cli->ssl_handshake() < 0) {
-                _connect_fail: cli->active = 0;
+            _connect_fail:
+                cli->active = 0;
                 cli->close();
                 if (cli->onError) {
                     cli->onError(cli);
@@ -1008,8 +1022,7 @@ static int Client_onStreamRead(Reactor *reactor, Event *event) {
         }
         if (cli->socket->ssl_state != SW_SSL_STATE_READY) {
             return SW_OK;
-        }
-        else {
+        } else {
             execute_onConnect(cli);
             return SW_OK;
         }

Original file line number	Diff line number	Diff line change
`@@ -191,7 +191,7 @@ class SyncClient {`
`191`	`191`	`if (connected \|\| !created) {`
`192`	`192`	`return false;`
`193`	`193`	`}`
`194`		`- if (client.connect(&client, host, port, timeout, 0) < 0) {`
	`194`	`+ if (client.connect(&client, host, port, timeout, client.socket->is_dgram()) < 0) {`
`195`	`195`	`return false;`
`196`	`196`	`}`
`197`	`197`	`connected = true;`